<?php
  function admin_left_getmunu(){
  	  $query = "select * from menu where pid = -1";
	  $result = mysql_query($query);
	  $mids = usermenu($_SESSION['uid']);
	  
	  if($mids){
		  echo "<ul class='lefttree'>";
		  while($row = mysql_fetch_array($result)) 
		  { 
		  	if(in_array($row[id],$mids)){
		  		echo "<li class='tree'>";
				echo "<h2>".$row['name']."</h2>";
				$query1= "select * from menu where pid = ".$row['id'];
				$result1= mysql_query($query1);
				$count = mysql_num_rows($result1);
				if($count>0){
				  echo "<ul class='lefttree1'>";
					  echo "<li class='tree1top'></li>";
					  while($row1 = mysql_fetch_array($result1)){
					    if(in_array($row1[id],$mids)){
					       echo "<li class='tree1'><a href=\"".$row1['url']."\" target='mainFrame'>".$row1['name']."</a></li>";
						}
					  }
				  echo "</ul>";  
				}
				echo "</li>";
		  	}
		  }
		  echo "</ul>";  
	  }
  }
    function admin_left_getmunu1(){
  	  $query = "select * from menu where pid = -1";
	  $result = mysql_query($query);
	
		  echo "<ul class='lefttree'>";
		  while($row = mysql_fetch_array($result)) 
		  { 
		  	
		  		echo "<li class='tree'>";
				echo "<h2>".$row['name']."</h2>";
				$query1= "select * from menu where pid = ".$row['id'];
				$result1= mysql_query($query1);
				$count = mysql_num_rows($result1);
				if($count>0){
				  echo "<ul class='lefttree1'>";
					  echo "<li class='tree1top'></li>";
					  while($row1 = mysql_fetch_array($result1)){
					 
					       echo "<li class='tree1'><a href=\"#\" target='mainFrame'>".$row1['name']."</a></li>";
						
					  }
				  echo "</ul>";  
				}
				echo "</li>";
		  
		  }
		  echo "</ul>";  
	  
  }
  function usermenu($uid){
  	$sql =" SELECT mid";
    $sql.=" FROM user t";
	$sql.=" JOIN user_role tt ON t.id = tt.uid";
	$sql.=" AND t.id =".$uid;
	$sql.=" JOIN role_menu ttt ON tt.rid = ttt.rid";
  	$result = mysql_query($sql);
  	while ($rs = mysql_fetch_array($result)) {
  		$row[] = $rs["mid"];
  	}
  	return $row;
  }
  function currentrole(){
  	$sql =" SELECT ttt.name";
    $sql.=" FROM user t";
	$sql.=" JOIN user_role tt ON t.id = tt.uid";
	$sql.=" join role ttt on tt.rid = ttt.id";
	$sql.=" AND t.id =".$_SESSION['uid'];
	$result = mysql_query($sql);
	$u = "";
	while($rs = mysql_fetch_array($result)){
		$u.=$rs["name"].",";
	}
	echo substr($u, 0,strlen($u)-1);
  }

  
  function reguser($username,$pwd){
  	  $q = "select max(id) n from user";
  	  $result1 = mysql_query($q);
  	  $row = mysql_fetch_array($result1);
  	  $n = $row["n"];
  	  $n = $n+1;
      $query = "insert into user(id,name,pwd) values(";
      $query.= "".$n.",";
  	  $query.= "'".$username."',";
  	  $query.= "'".md5($pwd)."'";
  	  $query.= ")";
  	  $result = mysql_query($query);
  	  if($result){
  	  	$_SESSION['uid'] = $n;
  	  	alertmsgrtn("注册成功，用户名为：".$username.",请联系管理员为您分配角色","login.php");
  	  }else{
  	  	alertmsg('注册失败!');
  	  }
  }
  function role_add($name){
     $q = "select max(id) n from role";
  	  $result1 = mysql_query($q);
  	  $row = mysql_fetch_array($result1);
  	  $n = $row["n"];
  	  $n = $n+1;
      $query = "insert into role(id,name) values(";
      $query.= "".$n.",";
  	  $query.= "'".$name."'";
  	  $query.= ")";
  	  $result = mysql_query($query);
  	  if($result){
  	  	alertmsgrtn('角色新增成功!',"roles.php");
  	  }else{
  	  	alertmsgrtn('角色新增失败!',"roles.php");
  	  }
  }
  function loginuser($username,$pwd){
      $query = "select * from user where name='".$username."' and pwd='".md5($pwd)."'";
  	  $result = mysql_query($query);
  	  $n = mysql_num_rows($result);
  	  if($n>0){
  	  	$row = mysql_fetch_array($result);
  	  	$uid = $row['id'];
  	  	$_SESSION['uid'] = $uid;
  	  	jump("index.php");
  	  }else{
  	    alertmsgrtn('登录失败!',"login.php");
  	  }
  }
  function userbyid($id){
  	 $q = "select name from user where id =".$id;
  	 $result= mysql_query($q);
  	 $row = mysql_fetch_array($result);
  	 echo $row['name'];
  }
  function getusers($name){
  	  $query = "select count(*) n from user t";
      if ($name!='') {
	  	$query.=" where t.name like '%".$name."%'";
	  }
	  $result = mysql_query($query);
	  $row = mysql_fetch_array($result);
	  $n = $row['n'];
	  $pagenum = 20;
	  $page=new page(array('total'=>$n,'perpage'=>$pagenum));
      global $pagebar;
      $pagebar = $page->show(10);
	  $page=isset($_GET['page'])?$_GET['page']:1;
	  $sql =" SELECT * from user t";
	  if ($name!='') {
	  	$sql.=" where t.name like '%".$name."%'";
	  }
	  $sql.=" order by t.id desc";
	  $sql.= " limit ".($page-1)*$pagenum.",".$pagenum;

	  $result1 = mysql_query($sql);
	  $num = mysql_num_rows($result1);
	  if($num>0){
		  while($row1 = mysql_fetch_array($result1)){
		  	  echo "<tr align=\"center\">";
			  echo "<td height=\"25\"><input type=\"checkbox\" name=\"cbuserid\" value=\"".$row1['id']."\"></td>";
			  echo "<td height=\"25\">".$row1['id']."</td>";
			  echo "<td height=\"25\">".$row1['name']."</td>";
			  echo "<td height=\"25\">";
			  echo "<a href=\"actions.php?act=user_update&id=".$row1['id']."\">修改</a>&nbsp;";
			  echo "<a class='user_del1' href=\"actions.php?act=user_del1&id=".$row1['id']."\">删除</a>";
			  echo "</td>";
			  echo "</tr>";
		  }
	  }else{
	  	      echo "<tr align=\"center\">";
			  echo "<td colspan='4'>";
			  echo "<div class='nodata'>暂无记录</div>";
			  echo "</td>";
			  echo "</tr>";
	  }
  }
   function getart($name){
  	  $query = "select count(*) n from article t";
      if ($name!='') {
	  	$query.=" where t.title like '%".$name."%'";
	  }
	  $result = mysql_query($query);
	  $row = mysql_fetch_array($result);
	  $n = $row['n'];
	  $pagenum = 20;
	  $page=new page(array('total'=>$n,'perpage'=>$pagenum));
      global $pagebar;
      $pagebar = $page->show(10);
	  $page=isset($_GET['page'])?$_GET['page']:1;
	  $sql =" SELECT t.id,t.title,c.name cname,t.uptime,u.name uname from article t,`column` c,`user` u where t.colid = c.id";
	  $sql.=" and t.uid = u.id ";
	  if ($name!='') {
	  	$sql.=" and t.title like '%".$name."%'";
	  }
	  $sql.=" order by t.id desc";
	  $sql.= " limit ".($page-1)*$pagenum.",".$pagenum;

	  $result1 = mysql_query($sql) or die("查询文章失败".$sql);
	  $num = mysql_num_rows($result1);
	  if($num>0){
		  while($row1 = mysql_fetch_array($result1)){
		  	  echo "<tr align=\"center\">";
			  echo "<td height=\"25\"><input type=\"checkbox\" name=\"cbuserid\" value=\"".$row1['id']."\"></td>";
			  echo "<td height=\"25\">".$row1['id']."</td>";
			  echo "<td height=\"25\">".$row1['title']."</td>";
			  echo "<td height=\"25\">".$row1['cname']."</td>";
			  echo "<td height=\"25\">".$row1['uptime']."</td>";
			  echo "<td height=\"25\">".$row1['uname']."</td>";
			  echo "<td height=\"25\">";
			  echo "<a href=\"art_update.php?id=".$row1['id']."\">修改</a>&nbsp;";
			  echo "<a class='user_del1' href=\"actions.php?act=art_del1&id=".$row1['id']."\">删除</a>";
			  echo "</td>";
			  echo "</tr>";
		  }
	  }else{
	  	      echo "<tr align=\"center\">";
			  echo "<td colspan='4'>";
			  echo "<div class='nodata'>暂无记录</div>";
			  echo "</td>";
			  echo "</tr>";
	  }
  }
  function getsitepage(){
  	  $query = "select count(*) n from pages t";
      
	  $result = mysql_query($query);
	  $row = mysql_fetch_array($result);
	  $n = $row['n'];
	  $pagenum = 20;
	  $page=new page(array('total'=>$n,'perpage'=>$pagenum));
      global $pagebar;
      $pagebar = $page->show(10);
	  $page=isset($_GET['page'])?$_GET['page']:1;
	  $sql =" SELECT t.id,t.title,t.php,t.html,t.addtime,u.name uname from pages t,`user` u ";
	  $sql.=" where t.uid = u.id ";
	  $sql.=" order by t.id desc";
	  $sql.= " limit ".($page-1)*$pagenum.",".$pagenum;

	  $result1 = mysql_query($sql) or die("查询页面失败".$sql);
	  $num = mysql_num_rows($result1);
	  if($num>0){
		  while($row1 = mysql_fetch_array($result1)){
		  	  echo "<tr align=\"center\">";
			  echo "<td height=\"25\"><input type=\"checkbox\" name=\"cbuserid\" value=\"".$row1['id']."\"></td>";
			  echo "<td height=\"25\">".$row1['id']."</td>";
			  echo "<td height=\"25\">".$row1['title']."</td>";
			  echo "<td height=\"25\"><a class='pageurl' target='_blank' href='../".$row1['php']."'>".$row1['php']."</a></td>";
			  echo "<td height=\"25\">".$row1['html']."</td>";
			  echo "<td height=\"25\">".$row1['addtime']."</td>";
			  echo "<td height=\"25\">".$row1['uname']."</td>";
			  echo "<td height=\"25\">";
			  echo "<a href=\"sitepage_update.php?id=".$row1['id']."\">修改</a>&nbsp;";
			  echo "<a class='user_del1' href=\"actions.php?act=sitepage_del1&id=".$row1['id']."\">删除</a>";
			  echo "</td>";
			  echo "</tr>";
		  }
	  }else{
	  	      echo "<tr align=\"center\">";
			  echo "<td colspan='4'>";
			  echo "<div class='nodata'>暂无记录</div>";
			  echo "</td>";
			  echo "</tr>";
	  }
  }
   function getroles($name){
  	  $query = "select count(*) n from role t";
      if ($name!='') {
	  	$query.=" where t.name like '%".$name."%'";
	  }
	  $result = mysql_query($query);
	  $row = mysql_fetch_array($result);
	  $n = $row['n'];
	  $pagenum = 20;
	  $page=new page(array('total'=>$n,'perpage'=>$pagenum));
      global $pagebar;
      $pagebar = $page->show(10);
	  $page=isset($_GET['page'])?$_GET['page']:1;
	  $sql =" SELECT * from role t";
	  if ($name!='') {
	  	$sql.=" where t.name like '%".$name."%'";
	  }
	  $sql.=" order by t.id desc";
	  $sql.= " limit ".($page-1)*$pagenum.",".$pagenum;

	  $result1 = mysql_query($sql);
	  $num = mysql_num_rows($result1);
	  if($num>0){
		  while($row1 = mysql_fetch_array($result1)){
		  	  echo "<tr align=\"center\">";
			  echo "<td height=\"25\"><input type=\"checkbox\" name=\"cbuserid\" value=\"".$row1['id']."\"></td>";
			  echo "<td height=\"25\">".$row1['id']."</td>";
			  echo "<td height=\"25\">".$row1['name']."</td>";
			  echo "<td height=\"25\">";
			  echo "<a href=\"actions.php?act=role_update&id=".$row1['id']."\">修改</a>&nbsp;";
			  echo "<a class='user_del1' href=\"actions.php?act=role_del1&id=".$row1['id']."\">删除</a>";
			  echo "</td>";
			  echo "</tr>";
		  }
	  }else{
	  	      echo "<tr align=\"center\">";
			  echo "<td colspan='4'>";
			  echo "<div class='nodata'>暂无记录</div>";
			  echo "</td>";
			  echo "</tr>";
	  }
  }
     function getrole_menu($role,$menu){
	      $query = "select count(*) n from role_menu ur";
	  	  $query.=" join menu u on u.id = ur.mid";
	  	  $query.=" join role r on r.id = ur.rid where 1=1 ";
	      if ($menu!='') {
		  	$query.=" and u.name like '%".$menu."%'";
		  }
		  if ($role!='') {
		  	$query.=" and r.name like '%".$role."%'";
		  }
		 
		  $result = mysql_query($query);
		  $row = mysql_fetch_array($result);
		  $n = $row['n'];
		  $pagenum = 20;
		  $page=new page(array('total'=>$n,'perpage'=>$pagenum));
	      global $pagebar;
	      $pagebar = $page->show(10);
		  $page=isset($_GET['page'])?$_GET['page']:1;
		  $sql =" SELECT ur.id urid,u.name uname,r.name rname from role_menu ur";
		  $sql.=" join menu u on u.id = ur.mid";
	  	  $sql.=" join role r on r.id = ur.rid where 1=1";
		  if ($menu!='') {
		  	$sql.=" and u.name like '%".$menu."%'";
		  }
		  if ($role!='') {
		  	$sql.=" and r.name like '%".$role."%'";
		  }
		  $sql.=" order by rname desc";
		  $sql.= " limit ".($page-1)*$pagenum.",".$pagenum;
	
		  $result1 = mysql_query($sql);
		  $num = mysql_num_rows($result1);
		  if($num>0){
			  while($row1 = mysql_fetch_array($result1)){
			  	  echo "<tr align=\"center\">";
				  echo "<td height=\"25\"><input type=\"checkbox\" name=\"cbuserid\" value=\"".$row1['urid']."\"></td>";
				  echo "<td height=\"25\">".$row1['urid']."</td>";
				  echo "<td height=\"25\">".$row1['rname']."</td>";
				  echo "<td height=\"25\">".$row1['uname']."</td>";
				  echo "<td height=\"25\">";
				  echo "<a class='user_del1' href=\"actions.php?act=user_menu_del1&id=".$row1['urid']."\">删除</a>";
				  echo "</td>";
				  echo "</tr>";
			  }
		  }else{
		  	      echo "<tr align=\"center\">";
				  echo "<td colspan='5'>";
				  echo "<div class='nodata'>暂无记录</div>";
				  echo "</td>";
				  echo "</tr>";
		  }
     }
     function getuser_role($name,$role){
  	  $query = "select count(*) n from user_role ur";
  	  $query.=" join user u on u.id = ur.uid";
  	  $query.=" join role r on r.id = ur.rid where 1=1 ";
      if ($name!='') {
	  	$query.=" and u.name like '%".$name."%'";
	  }
	  if ($role!='') {
	  	$query.=" and r.name like '%".$role."%'";
	  }
	  $result = mysql_query($query);
	  $row = mysql_fetch_array($result);
	  $n = $row['n'];
	  $pagenum = 20;
	  $page=new page(array('total'=>$n,'perpage'=>$pagenum));
      global $pagebar;
      $pagebar = $page->show(10);
	  $page=isset($_GET['page'])?$_GET['page']:1;
	  $sql =" SELECT ur.id urid,u.name uname,r.name rname from user_role ur";
	  $sql.=" join user u on u.id = ur.uid";
  	  $sql.=" join role r on r.id = ur.rid where 1=1";
	  if ($name!='') {
	  	$sql.=" and u.name like '%".$name."%'";
	  }
	  if ($role!='') {
	  	$sql.=" and r.name like '%".$role."%'";
	  }
	  $sql.=" order by u.name ";
	  $sql.= " limit ".($page-1)*$pagenum.",".$pagenum;
	  $result1 = mysql_query($sql);
	  $num = mysql_num_rows($result1);
	  if($num>0){
		  while($row1 = mysql_fetch_array($result1)){
		  	  echo "<tr align=\"center\">";
			  echo "<td height=\"25\"><input type=\"checkbox\" name=\"cbuserid\" value=\"".$row1['id']."\"></td>";
			  echo "<td height=\"25\">".$row1['urid']."</td>";
			  echo "<td height=\"25\">".$row1['uname']."</td>";
			  echo "<td height=\"25\">".$row1['rname']."</td>";
			  echo "<td height=\"25\">";
			  echo "<a class='user_del1' href=\"actions.php?act=user_role_del1&id=".$row1['urid']."\">删除</a>";
			  echo "</td>";
			  echo "</tr>";
		  }
	  }else{
	  	      echo "<tr align=\"center\">";
			  echo "<td colspan='5'>";
			  echo "<div class='nodata'>暂无记录</div>";
			  echo "</td>";
			  echo "</tr>";
	  }
  }
  function delusers($ids){
  	 $ids = substr($ids, 0,strlen($ids)-1);
  	 $sql = "delete from user where id in (".$ids.")";
  	 $result = mysql_query($sql);
  	 if($result){
  	 	alertmsgrtn('删除成功!','users.php');
  	 }else{
  	 	alertmsgrtn('删除失败!','users.php');
  	 }
  }
  function delart($ids){
  	 $ids = substr($ids, 0,strlen($ids)-1);
  	 $sql = "delete from article where id in (".$ids.")";
  	 $result = mysql_query($sql);
  	 if($result){
  	 	alertmsgrtn('删除成功!','article.php');
  	 }else{
  	 	alertmsgrtn('删除失败!','article.php');
  	 }
  }
  function  deluserrole($ids){
     $ids = substr($ids, 0,strlen($ids)-1);
  	 $sql = "delete from user_role where id in (".$ids.")";
  	 $result = mysql_query($sql);
  	 if($result){
  	 	alertmsgrtn('删除成功!','user_role.php');
  	 }else{
  	 	alertmsgrtn('删除失败!','user_role.php');
  	 }
  }
  function deluserrole1($id){
     $sql = "delete from user_role where id = ".$id."";
  	 $result = mysql_query($sql);
  	 if($result){
  	 	alertmsgrtn('删除成功!','user_role.php');
  	 }else{
  	 	alertmsgrtn('删除失败!','user_role.php');
  	 }
  }
  function delrolemenu1($id){
     $sql = "delete from role_menu where id = ".$id."";
  	 $result = mysql_query($sql);
  	 if($result){
  	 	alertmsgrtn('删除成功!','role_menu.php');
  	 }else{
  	 	alertmsgrtn('删除失败!','role_menu.php');
  	 }
  }
  function delrolemenu($ids){
     $ids = substr($ids, 0,strlen($ids)-1);
  	 $sql = "delete from role_menu where id in (".$ids.")";
 
  	 $result = mysql_query($sql);
  	 if($result){
  	 	alertmsgrtn('删除成功!','role_menu.php');
  	 }else{
  	 	alertmsgrtn('删除失败!','role_menu.php');
  	 }
  }
  function delroles($ids){
  	 $ids = substr($ids, 0,strlen($ids)-1);
  	 $sql = "delete from role where id in (".$ids.")";
  	 $result = mysql_query($sql);
  	 if($result){
  	 	alertmsgrtn('删除成功!','roles.php');
  	 }else{
  	 	alertmsgrtn('删除失败!','roles.php');
  	 }
  }
  function deluser($id){
  	
  	 $sql = "delete from user where id = ".$id."";
  	 $result = mysql_query($sql);
  	 if($result){
  	 	alertmsgrtn('删除成功!','users.php');
  	 }else{
  	 	alertmsgrtn('删除失败!','users.php');
  	 }
  }
  function delart1($id){
  	 $sql = "delete from article where id = ".$id."";
  	 $result = mysql_query($sql);
  	 if($result){
  	 	alertmsgrtn('删除成功!','article.php');
  	 }else{
  	 	alertmsgrtn('删除失败!','article.php');
  	 }
  }
   function delrole($id){
  	
  	 $sql = "delete from role where id = ".$id."";
  	 $result = mysql_query($sql);
  	 if($result){
  	 	alertmsgrtn('删除成功!','roles.php');
  	 }else{
  	 	alertmsgrtn('删除失败!','roles.php');
  	 }
  }
  function updateuser($uid,$uname){
  	 $query = "update user set name='".$uname."' where id=".$uid;
  	 $result = mysql_query($query);
  	 if($result){
  	 	alertmsgrtn('修改成功','users.php');
  	 }else{
  	 	alertmsgrtn('修改失败','users.php');
  	 }
  }
  function updaterole($uid,$uname){
  	 $query = "update role set name='".$uname."' where id=".$uid;
  	 $result = mysql_query($query);
  	 if($result){
  	 	alertmsgrtn('修改成功','roles.php');
  	 }else{
  	 	alertmsgrtn('修改失败','roles.php');
  	 }
  }
  function menutree($pid,$level){
      $query = "select * from menu where pid = ".$pid;
      $result = mysql_query($query);
      $count = mysql_num_rows($result);
      if ($count>0){
      	$level=$level+1;
      	while($row = mysql_fetch_array($result)){
      	   $blank="";
      	   for ($i = 0; $i < $level-1; $i++) {
      	   	  $blank .= "..";
      	   }
      	   $blank .= "|--";
      	   echo "<option value='".$row['id']."'>".$blank.$row['name']."</option>";
      	   menutree($row['id'],$level);
        }
      }
  }
   function coltree($pid,$level,$id){
      $query = "select * from `column` where pid = ".$pid;
      $result = mysql_query($query);
      $count = mysql_num_rows($result);
      if ($count>0){
      	$level=$level+1;
      	while($row = mysql_fetch_array($result)){
      	   $blank="";
      	   for ($i = 0; $i < $level-1; $i++) {
      	   	  $blank .= "..";
      	   }
      	   $blank .= "|--";
      	   if ($row['id']==$id) {
	      	   	    echo "<option selected=\"selected\" value='".$row['id']."'>".$blank.$row['name']."</option>";
	      	   }else{
	      	     	echo "<option value='".$row['id']."'>".$blank.$row['name']."</option>";
	       }
      	   coltree($row['id'],$level,$id);
        }
      }
  }
	 function menutree1($pid,$level,$id){
	      $query = "select * from menu where pid = ".$pid;
	      $result = mysql_query($query);
	      $count = mysql_num_rows($result);
	      if ($count>0){
	      	$level=$level+1;
	      	while($row = mysql_fetch_array($result)){
	      	   $blank="";
	      	   for ($i = 0; $i < $level-1; $i++) {
	      	   	  $blank .= "..";
	      	   }
	      	   $blank .= "|--";
	      	   if ($row['id']==$id) {
	      	   	    echo "<option selected=\"selected\" value='".$row['id']."'>".$blank.$row['name']."</option>";
	      	   }else{
	      	     	echo "<option value='".$row['id']."'>".$blank.$row['name']."</option>";
	      	   }
	      	   menutree1($row['id'],$level,$id);
	        }
	      }
	  }
	  function menufatherid($id){
	  	 $query = "select pid from menu where id = ".$id;
	  	 $result = mysql_query($query);
	  	 $row = mysql_fetch_array($result);
	  	 return $row['pid'];
	  }
	  function updatemenu($mid,$name,$fid,$url){
	  	$query = "update menu set name='".$name."',pid=".$fid.",url='".$url."' where id=".$mid;
	  	$result = mysql_query($query);
		 if($result){
	  	 	alertmsgrtn('修改成功','menus.php');
	  	 }else{
	  	 	alertmsgrtn('修改失败','menus.php');
	  	 }
	  }
	  function menuadd($fid,$name,$url){
		  $query = "insert into menu(name,pid,url) values(";
	      $query.= "'".$name."',";
	      $query.= "".$fid.",";
	  	  $query.= "'".$url."'";
	  	  $query.= ")";
	  	  $result = mysql_query($query);
	  	  if($result){
	  	  	alertmsgrtn('新增成功!',"menus.php");
	  	  }else{
	  	  	alertmsg('新增失败!');
	  	  }
	  }
	  function menudel($id){
	  	 $query = "select count(*) n from menu where pid=".$id;
	  	 $result1 = mysql_query($query);
	  	 $row = mysql_fetch_array($result1);
	  	 if($row['n']>0){
		  	 alertmsg("请先删除子节点!");
	  	 }else{
	  	     $sql = "delete from menu where id = ".$id."";
		  	 $result = mysql_query($sql);
		  	 if($result){
		  	 	alertmsgrtn('删除成功!','menus.php');
		  	 }else{
		  	 	alertmsgrtn('删除失败!','menus.php');
		  	 }
	  	 }
	  }
	  function user_role_add($uid,$rid){
	  	 $query = "select count(*) n from user_role where uid=".$uid." and rid = ".$rid;
	  	 $result = mysql_query($query);
	  	 $row = mysql_fetch_array($result);
	  	 $n = $row['n'];
	  	 if($n>0){
	  	 	alertmsg('该用户角色已配置!');
	  	 }else{
	  	 	$query = " insert into user_role(uid,rid) values(";
	  	 	$query.="".$uid.",";
	  	 	$query.="".$rid."";
	  	 	$query.=")";
	  	 	$result = mysql_query($query);
	  	 	if($result){
	  	 		alertmsg('用户角色配置成功!');
	  	 	}else{
	  	 		alertmsg('用户角色配置失败!');
	  	 	}
	  	 }
	  }
	  function role_menu_add($role,$right){
	     $query = "select count(*) n from role_menu where rid=".$role." and mid = ".$right;
	  	 $result = mysql_query($query);
	  	 $row = mysql_fetch_array($result);
	  	 $n = $row['n'];
	  	 if($n>0){
	  	 	alertmsg('该角色权限已配置!');
	  	 }else{
	  	 	$query = " insert into role_menu(rid,mid) values(";
	  	 	$query.="".$role.",";
	  	 	$query.="".$right."";
	  	 	$query.=")";
	  	 	$result = mysql_query($query);
	  	 	if($result){
	  	 		alertmsg('角色权限配置成功!');
	  	 	}else{
	  	 		alertmsg('角色权限配置失败!');
	  	 	}
	  	 }
	  }
	  function modifyuser($user,$pass,$newpass){
	  	$query = "select * from user where pwd='".md5($pass)."' and id = ".$_SESSION['uid'];

	  	$result = mysql_query($query);
	  	$n = mysql_num_rows($result);
	  	
	  	if ($n>0) {
	  		$query = "update user set name='".$user."' ,pwd='".md5($newpass)."' where id =  ".$_SESSION['uid'];
	  		$result = mysql_query($query);
	  		if($result){
	  			alertmsg('修改成功!');
	  		}else{
	  			alertmsg('修改失败!');
	  		}
	  	}else{
	  		alertmsg("原始密码不正确!");
	  	}
	  }
	  //栏目树形表格
	  function column_tree($pid){
	  	  $query = "select * from `column` where pid = ".$pid."";
	  	  $result = mysql_query($query) or die("查询栏目失败");
	  	  $n = mysql_num_rows($result);
	  	  if($n>0){
		  	  echo "<ul class='col'>";
		  	  while($row = mysql_fetch_array($result)){
		  	  	 echo "<li class='col1'>";
		  	  	 echo "<span class='coltitle'>".$row['name'];
		  	  	 echo "<a href=col_update.php?id=".$row['id'].">修改</a>";
		  	  	 echo "<a href=col_add.php?id=".$row['id'].">添加</a>";
		  	  	 echo "<a class='del' href=?act=col_del&id=".$row['id'].">删除</a>";
		  	  	 echo "</span>";
		  	  	  column_tree($row['id']);
		  	  	 echo "</li>";
		  	  }
		  	  echo "</ul>";
	  	  }
	  }
	   //导航树形
	  function nav_tree($pid){
	  	  $query = "select * from `nav` where pid = ".$pid." order by ord";
	  	  $result = mysql_query($query) or die("查询栏目失败");
	  	  $n = mysql_num_rows($result);
	  	  if($n>0){
		  	  echo "<ul class='col'>";
		  	  while($row = mysql_fetch_array($result)){
		  	  	 echo "<li class='col1'>";
		  	  	 echo "<span class='coltitle'>".$row['navname'];
		  	  	 echo "<a href=nav_update.php?id=".$row['id'].">修改</a>";
		  	  	 echo "<a href=nav_add.php?id=".$row['id'].">添加</a>";
		  	  	 echo "<a class='del' href=?act=col_del&id=".$row['id'].">删除</a>";
		  	  	 echo "</span>";
		  	  	  nav_tree($row['id']);
		  	  	 echo "</li>";
		  	  }
		  	  echo "</ul>";
	  	  }
	  }
?>